Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1225cc34-f5d1-422d-9202-634bc8e5a66b.roa
File: 1225cc34-f5d1-422d-9202-634bc8e5a66b.roa (raw, json)
Hash identifier: RakVu0XgHMKMlaqgwdQgD09hrYCillvySOYAKRPbQg4=
Subject key identifier: 5C:0A:50:65:56:A9:35:AF:CB:67:9B:B2:B1:BA:F6:AC:F5:FD:CB:71
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 459487C0D9AE1A09CB4C5EB7C3980B2EF67765B1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1225cc34-f5d1-422d-9202-634bc8e5a66b.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.80.0.0/16 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:94:87:c0:d9:ae:1a:09:cb:4c:5e:b7:c3:98:0b:2e:f6:77:65:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:c2:c0:4e:76:ec:25:c6:a9:26:c2:98:7f:ed:
aa:3e:5e:9e:81:1e:77:72:b3:02:2b:33:20:92:11:
09:59:0f:bd:5c:8e:71:8a:40:24:d7:b0:fb:4d:90:
54:ba:22:db:4c:fc:b3:8c:c7:3b:0e:df:0d:d5:e4:
3d:be:7e:7e:6a:a3:cf:a8:89:45:f0:d3:09:cf:ce:
af:a2:58:cf:84:20:dc:58:5f:75:44:f9:da:c3:32:
3e:65:5d:1d:73:eb:58:04:98:2c:15:9f:5b:34:bf:
26:53:9d:cb:66:65:07:6b:28:03:0b:1b:7f:70:60:
7b:4c:c2:cd:63:2d:cf:c9:0f:8a:08:28:d0:ac:41:
43:9d:06:7e:0d:79:cd:56:21:c9:60:7b:5c:de:0f:
c4:17:c4:c8:36:18:ae:f7:4d:71:45:85:fd:b2:e0:
bb:63:4b:01:ee:32:41:59:13:b9:b1:1d:f4:a3:06:
28:8c:3a:ed:9c:ba:c0:cc:d5:d5:b1:f0:32:f5:d7:
2d:f5:61:af:c5:dd:c1:60:de:19:31:c7:9f:ee:f6:
d7:56:03:bc:03:95:8b:0b:61:68:be:68:a3:22:d2:
3b:62:f5:76:b3:8c:ef:e7:a9:e3:90:3c:95:44:ac:
8f:9d:af:6a:c3:7c:3f:b8:39:5b:a3:23:9b:78:1b:
c8:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:0A:50:65:56:A9:35:AF:CB:67:9B:B2:B1:BA:F6:AC:F5:FD:CB:71
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1225cc34-f5d1-422d-9202-634bc8e5a66b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.80.0.0/16
Signature Algorithm: sha256WithRSAEncryption
4a:a7:47:cb:8f:b6:93:b0:7c:f8:9f:2e:9f:28:69:b6:88:15:
f4:e1:26:e1:34:c4:d0:70:2c:04:9c:3a:79:70:c3:c0:17:f4:
cb:df:f9:c8:e3:1f:3b:17:aa:7f:5c:69:17:81:13:58:fb:af:
03:7d:ad:35:d4:ca:77:87:96:72:7f:96:9c:70:a9:fc:5f:e4:
0c:d4:9d:0e:db:a6:d9:34:4a:4a:93:32:e9:4c:d7:ea:40:e0:
99:20:55:c8:08:65:7f:4b:77:85:2c:bc:2e:da:2f:69:7d:01:
cf:16:02:04:f1:c5:05:cf:81:34:29:3d:dc:f2:4b:0f:4b:a5:
10:c0:44:7e:91:9b:52:77:2a:73:14:48:94:47:ba:30:1e:ac:
29:9c:37:7d:85:d8:a2:39:ab:d0:6a:97:9f:22:25:c3:e0:6d:
71:65:08:27:46:cc:d9:6f:9d:61:79:42:4c:35:18:c8:92:5f:
fe:40:96:b0:b2:c1:49:5f:c4:90:a3:ac:8c:a3:6e:1a:11:07:
61:c2:93:7a:9b:52:b6:37:77:b0:1b:cc:5a:ee:79:0d:8e:3e:
af:e3:d9:b9:cb:12:c3:70:8c:05:47:38:26:e9:f1:35:0f:5f:
57:a6:f6:b5:29:cb:ea:ef:40:ea:23:15:b2:8b:3c:75:e8:01:
fd:7f:4b:a7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIURZSHwNmuGgnLTF63w5gLLvZ3ZbEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxZWU5MDcxMDkzYWZhYjcwNDgyMzkyZDk5MzlmYmIwZjZmODM4NTBkM2Rj
ZGZlZGZjNGVjZDIzMWI1YmViY2YxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJbCwE527CXGqSbCmH/tqj5enoEed3KzAiszIJIRCVkPvVyOcYpAJNew+02Q
VLoi20z8s4zHOw7fDdXkPb5+fmqjz6iJRfDTCc/Or6JYz4Qg3FhfdUT52sMyPmVd
HXPrWASYLBWfWzS/JlOdy2ZlB2soAwsbf3Bge0zCzWMtz8kPiggo0KxBQ50Gfg15
zVYhyWB7XN4PxBfEyDYYrvdNcUWF/bLgu2NLAe4yQVkTubEd9KMGKIw67Zy6wMzV
1bHwMvXXLfVhr8XdwWDeGTHHn+7211YDvAOViwthaL5ooyLSO2L1drOM7+ep45A8
lUSsj52vasN8P7g5W6Mjm3gbyNECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRcClBl
Vqk1r8tnm7Kxuvas9f3LcTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTIyNWNjMzQtZjVkMS00MjJkLTkyMDItNjM0YmM4ZTVhNjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNQMA0G
CSqGSIb3DQEBCwUAA4IBAQBKp0fLj7aTsHz4ny6fKGm2iBX04SbhNMTQcCwEnDp5
cMPAF/TL3/nI4x87F6p/XGkXgRNY+68Dfa011Mp3h5Zyf5accKn8X+QM1J0O26bZ
NEpKkzLpTNfqQOCZIFXICGV/S3eFLLwu2i9pfQHPFgIE8cUFz4E0KT3c8ksPS6UQ
wER+kZtSdypzFEiUR7owHqwpnDd9hdiiOavQapefIiXD4G1xZQgnRszZb51heUJM
NRjIkl/+QJawssFJX8SQo6yMo24aEQdhwpN6m1K2N3ewG8xa7nkNjj6v49m5yxLD
cIwFRzgm6fE1D19Xpva1Kcvq70DqIxWyizx16AH9f0un
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:42:47 2025 by rpki-client